[Webkit-unassigned] [Bug 23814] Crasher: Random unicode characters inserted into select options and
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Feb 7 15:39:07 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=23814
------- Comment #8 from james at wheare.org 2009-02-07 15:39 PDT -------
For the benefit of Google:
I managed to isolate a reduced test case here:
http://james.wheare.org/stuff/bugs/safari/fixedselect
The setup involves a <select> with at least two <option> children inside a
position:fixed container which is itself contained by a position:relative
element.
Then with javascript:
1. Set the position of the fixed container to absolute
2. Access the container's clientWidth or clientHeight properties
3. Restore the position of the container to fixed
After these operations, select a different option from the drop down and it's
text content will be munged with random characters.
This particular test case doesn't trigger the crash, but it's probably the root
symptom.
This may seem like quite a strange operation but is used in the Prototype.js
Element.getDimensions method:
http://github.com/sstephenson/prototype/blob/952feb48a39d519f8948a469d86bdcc952f5ac62/src/dom/dom.js#L431
Thankfully it's fixed in the latest Webkit nightly but knowing what triggers it
should help any web developers who encounter this issue in the mean time.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list